• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.181-186
• /
• 2021

Ensuring national security in cyberspace is becoming an increasingly important issue, given the growing number of cybercrimes due to adaptation to new security and protection technologies. The purpose of this article is to study the features of counteracting, preventing, and detecting crimes in the virtual space of Ukraine on the example of cases and analysis of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The research methodology is based on the method of analysis and study of cases of crime detection in the virtual environment of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The results show that the consistent development of the legal framework in 2016-2020 and the development of a cyber-defense strategy for 2021-2025 had a positive impact on the institution-building and detection of cybercrime in Ukraine. Establishing cooperation with developed countries (USA) has helped to combat cybercrime by facilitating investigations by US law enforcement agencies. This means that international experience is effective for developing countries as a way to quickly understand the threats and risks of cybercrime. In Ukraine, the main number of incidents concerns the distribution of malicious software in the public sector. In the private sector, cyber police are largely confronted with the misappropriation of citizens' income through Internet technology. The practical value of this study is to systematize the experience of overcoming cybercrime on the example of cases of crime detection in a virtual environment.

• Journal of Advanced Navigation Technology
• /
• v.28 no.4
• /
• pp.497-506
• /
• 2024

In this study, we proposed security information and event management for ship as a technology to respond to maritime cybersecurity regulations and evolving cyber threats. We analyze the main technologies of network management system and security information and event management, which are representative technologies for responding to ship cyber security, and propose SIEM for ships based on this. Optimized for ships based on the International Maritime Organization's Maritime Cyber Threat Management Guidelines, IACS UR E26, 27, etc. Derive the main functions of the SIEM for ship, linkage and normalization plan for the ship's heterogeneous equipment, ship's cyber threat and ship detection policy to identify ship's cyber security threats, and ship's operating environment and operating personnel.

• KEPCO Journal on Electric Power and Energy
• /
• v.6 no.4
• /
• pp.399-404
• /
• 2020

There are many attempts to apply AI technology to diagnose facilities or improve the work efficiency of the power industry. The emergence of new machine learning technologies, such as deep learning, is accelerating the digital transformation of the power sector. The problem is that traditional power systems face security risks when adopting state-of-the-art AI systems. This adoption has convergence characteristics and reveals new cybersecurity threats and vulnerabilities to the power system. This paper deals with the security measures and implementations of the power system using machine learning. Through building a commercial facility operations forecasting system using machine learning technology utilizing power big data, this paper identifies and addresses security vulnerabilities that must compensated to protect customer information and power system safety. Furthermore, it provides security guidelines by generalizing security measures to be considered when applying AI.

• Annual Conference of KIPS
• /
• 2023.11a
• /
• pp.799-800
• /
• 2023

최근 많은 기업체들은 점점 고도화되고 있는 사이버 공격 위협에 대응하기 위해 다양한 보안 솔루션 도입 및 종합적인 네트워크 보안 분석을 수행하고 있다. 하지만 보안 영역에 많은 자원과 예산을 투입할 여력이 없는 중소형 업체들은 특히 침해위협 탐지와 대응 결과시각화에 대한 어려움을 겪고 있다. 이에 따라 본 연구에서는 다중 사이버 보안 AI 모델구현을 통해 다각도의 사이버 침해위협 발생 가능성을 예측하고, 추가적으로 오픈소스 기반의 ELK 플랫폼을 통한 대응 결과 시각화를 구현하고자 한다.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.170-178
• /
• 2024

Through the growth of the fifth-generation networks and artificial intelligence technologies, new threats and challenges have appeared to wireless communication system, especially in cybersecurity. And IoT networks are gradually attractive stages for introduction of DDoS attacks due to integral frailer security and resource-constrained nature of IoT devices. This paper emphases on detecting DDoS attack in wireless networks by categorizing inward network packets on the transport layer as either "abnormal" or "normal" using the integration of machine learning algorithms knowledge-based system. In this paper, deep learning algorithms and CNN were autonomously trained for mitigating DDoS attacks. This paper lays importance on misuse based DDOS attacks which comprise TCP SYN-Flood and ICMP flood. The researcher uses CICIDS2017 and NSL-KDD dataset in training and testing the algorithms (model) while the experimentation phase. accuracy score is used to measure the classification performance of the four algorithms. the results display that the 99.93 performance is recorded.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.637-659
• /
• 2021

Since the creation of the first Bitcoin blockchain in 2009, the number of cryptocurrency users has steadily increased. However, the number of hacking attacks targeting assets stored in these users' cryptocurrency wallets is also increasing. Therefore, we evaluate the security of the wallets currently on the market to ensure that they are safe. We first conduct threat modeling to identify threats to cryptocurrency wallets and identify the security requirements. Second, based on the derived security requirements, we utilize attack trees and Bayesian network analysis to quantitatively measure the risks inherent in each wallet and compare them. According to the results, the average total risk in software wallets is 1.22 times greater than that in hardware wallets. In the comparison of different hardware wallets, we found that the total risk inherent to the Trezor One wallet, which has a general-purpose MCU, is 1.11 times greater than that of the Ledger Nano S wallet, which has a secure element. However, use of a secure element in a cryptocurrency wallet has been shown to be less effective at reducing risks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.291-307
• /
• 2021

There has been global efforts to prevent the further spread of the COVID-19 and get society back to normal. 'Contact tracing' is a crucial way to detect the infected person. However the contact tracing makes another concern about the privacy violation of the personal data of infected people, released by governments. Therefore Google and Apple are announcing a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design. However, in order to provide the improved tracing application, it is necessary to identify potential security threats and investigate vulnerabilities for systematically. In this paper, we provide security analysis of Privacy-Preserving COVID-19 Contact Tracing App with STRIDE and LINDDUN threat models. Based on the analysis, we propose to adopt a verifiable computation scheme, Zero-knowledge Succinctness Non-interactive Arguments of Knowledges (zkSNARKs) and Public Key Infrastructure (PKI) to ensure both data integrity and privacy protection in a more practical way.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.6
• /
• pp.802-808
• /
• 2020

The IoT(Internet of Things) is based on the development of sensor technology and high-speed communication infrastructure, and the number of IoT connected to the network is increasing more than the number of people, and the increase is also very fast. In the field of defense, IoT is being deployed in various fields such as operations, military, base defense, and informatization, and the need is also increasing. Unlike the existing PC/server information protection system, cyber threats are also increasing as IoT sensors, which are vulnerable to information protection, are increasing in the network, so it is necessary to study the platform to protect the defense information and communication network. we investigated the case of connecting wired and wireless IoT to the defense network, and presented an efficient interlocking design method of the IoT integrated independent network with enhanced security by minimizing the contact point with the defense network.

• Journal of Convergence for Information Technology
• /
• v.11 no.10
• /
• pp.144-150
• /
• 2021

The purpose of this paper is to review the direction of the slicing security policy, which is a major consideration in the context of standardization in 5G communication network security, to derive security vulnerability diagnosis items, and to present about analyzing and presenting the issues of discussion for 5G communication network virtualization. As for the research method, the direction of virtualization security policy of 5G communication network of ENISA (European Union Agency for Cybersecurity), a European core security research institute, and research contents such as virtualization security policy and vulnerability analysis of 5G communication network from related journals were used for analysis. In the research result of this paper, the security structure in virtualization security of 5G communication network is arranged, and security threats and risk management factors are derived. In addition, vulnerability diagnosis items were derived for each security service in the risk management area. The contribution of this study is to summarize the security threat items in 5G communication network virtualization security that is still being discussed, to be able to gain insights of the direction of European 5G communication network cybersecurity, and to derive vulnerabilities diagnosis items to be considered for virtualization security of 5G communication network. In addition, the results of this study can be used as basic data to develop vulnerability diagnosis items for virtualization security of domestic 5G communication networks. In the future, it is necessary to study the detailed diagnosis process for the vulnerability diagnosis items of 5G communication network virtualization security.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.19-26
• /
• 2020

The purpose of this paper is to ccompare and analyze North Korean cyber attacks and our responses by government, from the Roh Moo-hyun administration to the Moon Jae-in administration. The current conflict of interests on the Korean peninsula, such as the United States, China, and Russia, is leading to a conflict for the leadership of a new world order in cyberspace. Cyber attacks are accelerating and threats are rising. Cyber threats exhibit several characteristics. Above all, it is difficult to identify or track the subject of the threat. Also, with the development of information and communication technology, attack technology has become more intelligent, and it is not easy to prepare a means to respond. Therefore, it is necessary to improve continuous and preemptive response capacity for national cybersecurity, and to establish governance among various actors, such as international cooperation between countries or private experts.